Privacy Policy - Norwoodgreen Storage

This Privacy Policy explains how Norwoodgreen Storage collects, uses, stores, shares, and protects personal data relating to customers in the area. It applies to all Norwoodgreen Storage customers in area, including prospective customers, current customers, former customers, and anyone who interacts with our services on their behalf.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is designed to help you understand what information we collect, why we collect it, how long we keep it, who may process it for us, and what rights you have.

1. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as your name, title, and date of birth where needed for verification purposes.
  • Contact data such as address, email address, and telephone number.
  • Account and contract data including rental details, payment status, storage unit information, and agreement records.
  • Payment data such as billing details and transaction history. Card information may be processed by secure payment providers rather than retained by us.
  • Verification data such as proof of identity or address where required for fraud prevention, legal compliance, or access controls.
  • Usage data including site access records, entry logs, and security system activity where applicable.
  • Communication data including correspondence, complaints, enquiries, and records of support requests.
  • Technical data where you interact with our digital systems, such as device or browser information, if collected.

We only collect personal data that is necessary for the purposes described in this policy. Where possible, we limit collection to what is relevant, adequate, and proportionate.

2. How We Use Personal Data

Norwoodgreen Storage may use personal data for the following purposes:

  • to set up and manage customer accounts and storage agreements;
  • to verify identity and prevent fraud, misuse, or unauthorised access;
  • to process payments, renewals, refunds, and billing enquiries;
  • to provide customer support and respond to questions or complaints;
  • to maintain security, including controlled access to premises and incident management;
  • to meet legal, regulatory, accounting, and tax obligations;
  • to administer debt recovery, dispute resolution, or enforcement actions where necessary;
  • to improve our services, systems, and operational efficiency;
  • to keep necessary business and compliance records.

We will not use your personal data for purposes that are incompatible with the reasons for which it was originally collected unless we have a lawful basis to do so.

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the situation, Norwoodgreen Storage relies on one or more of the following bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing your storage account, taking payments, allocating a unit, and providing services you have requested.

Legal Obligation

We may process personal data to comply with legal requirements, such as accounting, tax, record-keeping, anti-fraud, and regulatory obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This may include site security, operational management, fraud prevention, service improvement, and dispute handling. When relying on legitimate interests, we assess the impact on your privacy and only process data in ways that are necessary and proportionate.

Consent

In limited circumstances, we may rely on your consent, for example where specific optional communications or preferences require it. When we rely on consent, you may withdraw it at any time.

4. Sharing and Processors

We may share personal data with trusted third parties who help us operate our business. These organisations act as processors or independent controllers depending on the service provided.

  • Payment processors that handle secure payment transactions and related fraud checks.
  • IT and cloud service providers that host, maintain, and secure our systems and records.
  • Security and access control providers that support site monitoring, alarm systems, or controlled entry.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Debt recovery or enforcement partners where necessary to pursue unpaid balances or enforce contracts.
  • Public authorities or regulators where disclosure is required by law.

Where we use processors, they are only permitted to process personal data on our instructions and must implement appropriate technical and organisational security measures. We seek to ensure that all processors are bound by appropriate contractual safeguards.

We do not sell personal data. If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with applicable law.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting obligations. Retention periods vary depending on the type of record and the reason for holding it.

  • Contract and account records are retained for the duration of the storage relationship and for a further period after it ends where needed for dispute handling or legal claims.
  • Payment and invoicing records are retained for the period required by tax and accounting law.
  • Identity verification and compliance records are retained only as long as needed for security, legal, or regulatory purposes.
  • Correspondence and complaints are kept for as long as needed to manage the matter and retain evidence of resolution.
  • Security logs are retained for a limited period unless a longer retention is required for an incident, investigation, or legal obligation.

When personal data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe and appropriate manner.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff training, secure storage, system protections, and restricted sharing of information on a need-to-know basis.

While no system can be guaranteed completely secure, we continually review our procedures to reduce risks and protect the confidentiality and integrity of the information we hold.

7. Your Rights

Under data protection law, you have rights regarding your personal data. These rights may apply depending on the circumstances and the lawful basis for processing.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – in some cases, you can ask us to delete your personal data.
  • Right to restrict processing – you can ask us to limit how we use your data in certain circumstances.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability – where applicable, you can request certain data in a structured, commonly used format.
  • Right to withdraw consent – if processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise any concerns with us first so that we can try to resolve them promptly.

8. Children’s Data

Our storage services are intended for adults and business users. We do not knowingly collect personal data from children unless it is incidentally provided in the course of lawful customer administration and only where appropriate safeguards are in place.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our operations, or the way we handle personal data. Any updates will apply from the date they take effect. We encourage customers to review this policy periodically to remain informed about how personal data is handled.

10. Summary of Our Commitment

Norwoodgreen Storage is committed to protecting personal data and processing it responsibly. We collect only what is necessary, use it for clear and lawful purposes, retain it only for as long as needed, and ensure that any processors acting on our behalf are appropriately bound and monitored. We also respect your rights and will respond to legitimate requests in line with applicable data protection law.

This Privacy Policy applies to all Norwoodgreen Storage customers in area.

Call Now!
Call Now Get a Quote
Norwoodgreen Storage

GDPR-compliant Privacy Policy for Norwoodgreen Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.